5056017e5cec1326459aa322214ce1fdd68cb46d1a21aec5bcc38a1ae7d0abac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5056017e5cec1326459aa322214ce1fdd68cb46d1a21aec5bcc38a1ae7d0abac
Size

743KB
Sample

220919-c7zbsagham
MD5

9b36745e7f0a97a16143f08088d843f1
SHA1

fa29a12012e74e88fd67cef8f5901dc38cf5a62a
SHA256

5056017e5cec1326459aa322214ce1fdd68cb46d1a21aec5bcc38a1ae7d0abac
SHA512

c31fde09da1b505d8dd3a0c91cc0c7cf9065a05b14dbb109f3991678add38bc908065aef162108de5fa89bb069d41dcf6fe13438e0fe4077a8667ec88e4eae2c
SSDEEP

12288:rZvJieKMzHYVX4Gksk3yLbl6mDKbm0iw0jDGJEqOOgTuGSGI28lHqux/wJMDtxlo:r1ceLiay9lKbm0amJjOOgyH728hL/wJJ

Score

8^/10

Malware Config

Targets

- Target
  
  5056017e5cec1326459aa322214ce1fdd68cb46d1a21aec5bcc38a1ae7d0abac
- Size
  
  743KB
- MD5
  
  9b36745e7f0a97a16143f08088d843f1
- SHA1
  
  fa29a12012e74e88fd67cef8f5901dc38cf5a62a
- SHA256
  
  5056017e5cec1326459aa322214ce1fdd68cb46d1a21aec5bcc38a1ae7d0abac
- SHA512
  
  c31fde09da1b505d8dd3a0c91cc0c7cf9065a05b14dbb109f3991678add38bc908065aef162108de5fa89bb069d41dcf6fe13438e0fe4077a8667ec88e4eae2c
- SSDEEP
  
  12288:rZvJieKMzHYVX4Gksk3yLbl6mDKbm0iw0jDGJEqOOgTuGSGI28lHqux/wJMDtxlo:r1ceLiay9lKbm0amJjOOgyH728hL/wJJ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2